Xiao Tong Network Education industry Security Solutions

Background information

Schools and libraries need healthy, safe and accessible information on the Internet, but unfortunately the information on the Internet is counterproductive, and students at school may get information about pornography, violence or reactionary ideas through the Web site. Therefore, schools and libraries need to protect students from the harmful effects of these web sites. Ishan 700s is a leading hardware firewall in the network security market, which protects students, schools, and home users.

Solution

The firewall is built into the network's "throat" zone, making the firewall the only way to control the school's access to the Internet, which ensures network security throughout the school (see Figure 1).

　　　

Figure 1 Location of Easy 700s in the network

★ Easy to 700s WAN access to broadband, LAN port connection Proxy server and set as intranet gateway. Internal LAN settings do not need to change, so that all workstations and clients do not need to change the settings to complete the entire Network security transformation;

★ The private IP address of the Web server is mapped to the public network IP address by using the one-to-one NAT feature which is easy to be 700s. When browsing the web, the firewall is transparent to teachers and students;

★ Firewall rules set: Only allow intranet to the Internet, www, FTP, SMTP, POP3 and other service ports open, extranet only through 80 ports to access the intranet Web server, so as to protect intranet security.

Effect evaluation

Ishan 700s filtering function can thoroughly filter contains pornography, profiteering, and reactionary ideas and other bad information site, coupled with excellent cost-effective, very suitable for the budget of the education industry users more nervous. The main advantages of Ishan 700s are as follows:

★ High cost performance, with a low price to provide a wealth of functional characteristics;

★ Easy to still 700s provides a strong access rule characteristics, the administrator can be flexible according to the specific needs of customization;

★ 700s can automatically detect and prevent denial of service attacks (DoS), such as Ping of Death, SYN Flood, Land Attack, IP spoofing;

★ Easy to still 700s state packet detection characteristics can be real-time monitoring access to the firewall connection, while the firewall log recorded in a database server for log audit;

★ In the entire network security implementation process in addition to erecting easy to 700s hardware firewall, do not need to change the number of network hardware devices and connection mode, reduce the network administrator maintenance, but also fully meet the needs of users.